DOCUMENT:Q314506 06-AUG-2002 [iis] TITLE :HOW TO: Use Internet Explorer to Verify Your IIS Security Config PRODUCT :Internet Information Server PROD/VER::5.0 OPER/SYS: KEYWORDS:kbAudITPro kbHOWTOmaster ====================================================================== ------------------------------------------------------------------------------- The information in this article applies to: - Microsoft Internet Information Services version 5.0 ------------------------------------------------------------------------------- IN THIS TASK ------------ - SUMMARY - Check the Server Agent, ISAPI DLL - Verify IIS Security Settings - REFERENCES SUMMARY ======= You can use Microsoft Internet Explorer to determine the security settings of your Internet Information Services (IIS) 5.0 configuration. You can also check the server agent, ISAPI DLL, to verify that you have configured the agent correctly. This article summarizes the necessary steps to ensure that your servers are properly secured. NOTE: In addition to IIS, you need some familiarity with Microsoft SQL Server 2000 CE to perform the procedures in this article. Check the Server Agent, ISAPI DLL --------------------------------- You can use Internet Explorer to verify that your server agent, ISAPI DLL, is configured properly. To do this, type the following in the Address bar in Internet Explorer, and then press ENTER: http:///sqlce/sscesa10.dll NOTE: If you configured IIS to use Secure Sockets Layer (SSL), change http:// to "https://" (without the quotation marks). If you configured your server agent properly, the string "Body" will be displayed. Verify IIS Security Settings ---------------------------- You can verify that your IIS security settings are correct while you check ISAPI DLL. To do this, follow these steps: 1. Type the following in the Address bar of Internet Explorer, and then press ENTER: http:/// NOTE: If you configured IIS to use SSL, change the http:// to "https://" (without the quotation marks). 2. If you configured IIS for Basic authentication, you will be prompted for your user name and password. If you are not prompted for a name and password, you have configured your IIS for anonymous access without any authentication. NOTE: Be sure to click Refresh on the Internet Explorer toolbar after you make changes to your server. This ensures that Internet Explorer does not read from the cache. REFERENCES ---------- For more information, browse to the following MSDN Web site: SQL Server 2000 CE Books Online http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sqlce/portal_6ol0.asp?frame=true Additional query words: ====================================================================== Keywords : kbAudITPro kbHOWTOmaster Technology : kbiisSearch kbiis500 Version : :5.0 Issue type : kbhowto ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 2002.